Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Node.js module to generate URL slugs. Another one? This one cares about i18n and transliterates non-Latin scripts to conform to the RFC3986 standard. Mostly API-compatible with similar modules.
(Yet another) Node.js module to generate URL slugs, also known as clean URLs, user-friendly URLs and SEO-friendly URLs.
The difference?
This module extends the fantastic speakingurl module to include Romanisation of Chinese and Japanese scripts.
Give it a string of text in pretty much any major world language and it will convert it to valid characters, conforming to RFC3986, for use within the path element of a URL.
Currently supports, but not limited to, the following scripts:
If you already use either the
speakingurl or
slug modules,
you can probably swap in limax
without changing the logic in your code.
Oh, and limax
is the Latin word for slug.
npm install limax
import slug from 'limax';
const latin = slug('i ♥ latin'); // i-love-latin
const cyrillic = slug('Я люблю русский'); // ya-lyublyu-russkij
const pinyin = slug('我爱官话'); // wo3-ai4-guan1-hua4
const romaji = slug('私は ひらがな が大好き'); // ha-hiragana-gaki
options:
replacement
: String to replace whitespace with, defaults to -
(provides API compatibility with the slug
module)separator
: String, equivalent to replacement
(provides API compatibility with the speakingurl
module)lang
: String, ISO 639-1 two-letter language code, defaults to auto-detected languagetone
: Boolean, add tone numbers to Pinyin transliteration of Chinese, defaults to true
separateNumbers
: Boolean, separate numbers that are within a word, defaults to false
separateApostrophes
: Boolean, separate apostrophes that are within a word, defaults to false
maintainCase
: Boolean, maintain the original string's casing, defaults to false
custom
:
{ '&': '#', '*': ' star ' }
const strich = slug('Ich ♥ Deutsch', {lang: 'de'}); // ich-liebe-deutsch
const unterstreichen1 = slug('Ich ♥ Deutsch', {lang: 'de', replacement: '_'}); // i_liebe_deutsch
const unterstreichen2 = slug('Ich ♥ Deutsch', {lang: 'de', separator: '_'}); // i_liebe_deutsch
const wuYin = slug('弄堂里的菜品赤醬', {tone: false}); // nong-tang-li-di-cai-pin-chi-jiang
// separateNumbers example
const numbersInWord = slug('hello2world'); // hello2world
const numbersSeparated = slug('hello2world', { separateNumbers: true }); // hello-2-world
// separateApostrophes example
const apostrophesInWord = slug('j\'aime'); // jaime
const apostrophesSeparated = slug('j\'aime', { separateApostrophes: true }); // j-aime
// maintainCase example
const caseNotMaintained = slug('HelloWorld'); // helloworld
const caseMaintained = slug('HelloWorld', { maintainCase: true }); // HelloWorld
// custom example
const custom1 = slug('hello.world', { custom: ['.'] }); // hello.world
const custom2 = slug('hello-*-world', { custom: { '*': 'asterisk' } }); // hello-asterisk-world
Provided to support backwards-compatibility with the slug
module.
const underscore = slug('i ♥ unicode', '_'); // i_love_unicode
Run the unit tests with:
npm test
Pull requests with mappings and tests for further scripts and languages are more than welcome.
Copyright 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020 Lovell Fuller and contributors.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
FAQs
Node.js module to generate URL slugs. Another one? This one cares about i18n and transliterates non-Latin scripts to conform to the RFC3986 standard. Mostly API-compatible with similar modules.
The npm package limax receives a total of 17,640 weekly downloads. As such, limax popularity was classified as popular.
We found that limax demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.